Dell : Security Vulnerabilities CVSS score between 8 and 8.99

Dell Power Protect Cyber Recovery contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.
Max Base Score
8.8
Published 2023-06-14
Updated 2023-06-27
EPSS 0.05%
Dell PowerScale OneFS, versions 8.2.2.x-9.5.0.x, contains an improper privilege management vulnerability. A remote attacker with low privileges could potentially exploit this vulnerability, leading to escalation of privileges.
Max Base Score
8.8
Published 2023-08-29
Updated 2023-09-01
EPSS 0.07%
Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious user may potentially exploit this vulnerability by bypassing certain authentication mechanisms in order to elevate privileges on the system.
Max Base Score
8.2
Published 2023-06-23
Updated 2023-06-30
EPSS 0.04%
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to bypass intended access restrictions and perform unauthorized actions.
Max Base Score
8.8
Published 2023-04-11
Updated 2023-04-18
EPSS 0.09%
Dell NetWorker, Version 19.7, has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command, leading to complete access to the server file, further resulting in information leaks, denial of service, and arbitrary code execution. Dell recommends that customers upgrade at the earliest opportunity.
Max Base Score
8.8
Published 2023-09-27
Updated 2023-09-29
EPSS 0.06%
Dell VxRail, versions prior to 7.0.450, contains an OS command injection Vulnerability in DCManager command-line utility. A local high privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.
Max Base Score
8.2
Published 2023-05-23
Updated 2023-06-01
EPSS 0.04%
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
Max Base Score
8.8
Published 2023-02-01
Updated 2023-02-08
EPSS 0.06%
Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS.
Max Base Score
8.8
Published 2023-01-20
Updated 2023-02-01
EPSS 0.05%
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in celog. A low privileges user could potentially exploit this vulnerability, leading to information disclosure and escalation of privileges.
Max Base Score
8.8
Published 2023-02-01
Updated 2023-02-08
EPSS 0.05%
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service.
Max Base Score
8.1
Published 2023-02-01
Updated 2023-02-08
EPSS 0.05%
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Max Base Score
8.2
Published 2023-02-01
Updated 2023-02-08
EPSS 0.04%
Wyse Management Suite 3.8 and below contain an improper access control vulnerability. An authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user-controlled external entities.
Max Base Score
8.7
Published 2023-02-11
Updated 2023-02-21
EPSS 0.05%
Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low-privileged remote attacker could potentially exploit this vulnerability, leading to the execution of arbitrary commands on the underlying system.
Max Base Score
8.8
Published 2023-02-11
Updated 2023-02-21
EPSS 0.07%
Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of privileges, and information disclosure.
Max Base Score
8.8
Published 2023-02-01
Updated 2023-06-27
EPSS 0.05%
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges.
Max Base Score
8.4
Published 2023-01-18
Updated 2023-01-25
EPSS 0.04%
Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.
Max Base Score
8.8
Published 2023-01-18
Updated 2023-01-25
EPSS 0.05%
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. An unauthenticated non-privileged user could potentially exploit the issue and perform any privileged state-changing actions.
Max Base Score
8.8
Published 2023-02-11
Updated 2023-02-21
EPSS 0.06%
PowerPath Management Appliance with versions 3.3 & 3.2* contains Authorization Bypass vulnerability. An authenticated remote user with limited privileges (e.g., of role Monitoring) can exploit this issue and gain access to sensitive information, and modify the configuration.
Max Base Score
8.8
Published 2023-02-11
Updated 2023-07-21
EPSS 0.07%
Dell Hybrid Client versions below 1.8 contain a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders.
Max Base Score
8.2
Published 2022-10-11
Updated 2022-10-13
EPSS 0.06%
Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution.
Max Base Score
8.8
Published 2022-10-11
Updated 2022-10-13
EPSS 0.07%
Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. A remote unauthenticated attacker could exploit this vulnerability leading to unintentional access to path outside of restricted directory.
Max Base Score
8.8
Published 2022-10-11
Updated 2022-10-14
EPSS 0.09%
Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
Max Base Score
8.8
Published 2023-02-01
Updated 2023-02-09
EPSS 0.04%
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command injection vulnerability. A local malicious user may potentially exploit this vulnerability by using an SMI to bypass PMC mitigation and gain arbitrary code execution during SMM.
Max Base Score
8.2
Published 2022-08-31
Updated 2022-09-07
EPSS 0.04%
Dell Container Storage Modules 1.2 contains a path traversal vulnerability in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability leading to unintentional access to path outside of restricted directory.
Max Base Score
8.8
Published 2022-08-30
Updated 2022-09-07
EPSS 0.11%
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick libraries. A remote authenticated malicious user with low privileges could exploit this vulnerability, leading to the execution of arbitrary OS commands on the affected system.
Max Base Score
8.8
Published 2022-08-30
Updated 2022-09-02
EPSS 0.16%
112 vulnerabilities found